What would a pen testing/cyber sec programming job be like? I'm 13 and may want to be involved in this in the future. However, I feel that a penetration tester will soon run out of vulns to test (until someone finds a new one). What would you say about a pen testing/cyber sec programming career?

16 Responses

There are piles of cyber security career options. Running out of vulns isn't going to happen. If you look at the way software development is done, or even at the way operating systems are built, you'll notice security is an afterthought. Even in established products there are piles of vulns lurking beneath the surface. Tcpdump, a long-standing Linux network tool, just had something like 8 CVEs published recently. That's not even scratching the surface.

A career in pentesting is basically learning to run Nessus and various OSes, spending a lot of time reading, and a lot of time just hunting low-hanging fruit. The big cool hacker stuff that makes news is usually done by researchers, such as Tavis on Project Zero; those vulns and issues then filter into the list of exploits available to pen testers. Pen testers can of course write their own exploit code, but it's a different skillset to take a program apart and fuzz/debug it.

Programming is almost always good; Java and C++ will get you pretty far. Pen testers often code in Python because it's a fairly easy language and very portable, and there are also a lot of libs available.

If you have interest, now is the time to start. There's a lot of knowledge you will need to gather up on how everything works, lots to understand before you can get to breaking it.

Thanks! Just the answer I needed! Right now I am learning Python and JavaScript, and I currently know a bit of HTML. I've taken some courses on ethical hacking, and now I'm trying to learn Python's socket module so I can make some network/port scanners...

Usually finding zero-days is done by researchers or bounty hunters. You might run across one working on something, but pen tests are limited in time. You aren't going to sit and try to disassemble services and find 0-days since you've been contracted to attack a web site or network. The time spent hunting for a cool 0-day would be wasted time when your target is running unpatched Windows XP. Researchers are usually contracted to work on an application within a scope and locate issues.

For example, Tavis with Project Zero is paid by Google to find attack vectors in anti-virus. As a pen tester this is great for me, because when something is discovered the PoC makes its way down the pipe and I can use it in a pen test. But trying to find a zero-day in a pen test could be extremely time consuming; it's also not what you were hired to do. If you find a zero-day in a common service you've hit some really sloppy coding.

As far as gathering up how everything works, start studying for your Network+; that'll give you some fundamentals in networking. You're going to need to be skilled in Linux, so get a Linux running. I recommend books from https://www.nostarch.com/. Stack Exchange is really good. Join IRC channels that deal with networking, Linux, and coding. Read RFCs. Practice managing your time efficiently. Get a news reader, and set up a Twitter. Follow people like thegrugq, swiftonsecurity, tavis, Krebs etc. Search out places with knowledgeable people and read, read, read. Try to get in with a decent group of professionals.

In the beginning, when you're getting information from other people in places like IRC or on Twitter, it may be difficult to sort out things that are factual from things that are fiction. Security is a big talking point right now, and there's a lot of snake oil.